| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES environmental variable. |
| Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Administrative (ad) or the System-Wide Administration (as) audit class in Solaris 7, 8, and 9, allows local users to cause a denial of service (kernel panic). |
| Solaris 9, when configured as a Kerberos client with patch 112908-12 or 115168-03 and using pam_krb5 as an "auth" module with the debug feature enabled, records passwords in plaintext, which could allow local users to gain other user's passwords by reading log files. |
| The administration interface for the dwhttpd web server in Solaris AnswerBook2 does not properly authenticate requests to its supporting CGI scripts, which allows remote attackers to add user accounts to the interface by directly calling the admin CGI script. |
| Unknown vulnerability in Sun Java Runtime Environment (JRE) 1.4.2 through 1.4.2_03 allows remote attackers to cause a denial of service (virtual machine hang). |
| Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root. |
| The default configuration of the Sun Java web server 2.0 and earlier allows remote attackers to execute arbitrary commands by uploading Java code to the server via board.html, then directly calling the JSP compiler servlet. |
| The default configuration of Cobalt RaQ2 servers allows remote users to install arbitrary software packages. |
| In Solaris, an SNMP subagent has a default community string that allows remote attackers to execute arbitrary commands as root, or modify system parameters. |
| Solaris ufsrestore buffer overflow. |
| Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool. |
| The logging feature in kcms_configure in the KCMS package on Solaris 8 and 9, and possibly other versions, allows local users to corrupt arbitrary files via a symlink attack on the KCS_ClogFile file. |
| Buffer overflow in ufsrestore in Solaris 8 and earlier allows local users to gain root privileges via a long pathname. |
| Unknown vulnerability in passwd(1) in Solaris 8.0 and 9.0 allows local users to gain privileges via unknown attack vectors. |
| The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. |
| Qpopper 2.53 and earlier allows local users to gain privileges via a formatting string in the From: header, which is processed by the euidl command. |
| Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd). |
| OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. |
| The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. |
| Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ownership for files that are uploaded via FrontPage, which allows attackers to bypass cgiwrap and modify files. |
